void pn_server_init(pn_sasl_t *sasl) { // XXX char *mechs[16]; int count = 0; if (sasl->mechanisms) { char *start = sasl->mechanisms; char *end = start; while (*end) { if (*end == ' ') { if (start != end) { *end = '\0'; mechs[count++] = start; } end++; start = end; } else { end++; } } if (start != end) { mechs[count++] = start; } } pn_post_frame(sasl->disp, 0, "DL[@T[*s]]", SASL_MECHANISMS, PN_SYMBOL, count, mechs); }
void pn_client_init(pn_sasl_t *sasl) { pn_post_frame(sasl->disp, 0, "DL[sz]", SASL_INIT, sasl->mechanisms, sasl->send_data.size, sasl->send_data.start); if (sasl->send_data.start) { free(sasl->send_data.start); sasl->send_data = pn_bytes(0, NULL); } }
// Post SASL frame static void pni_post_sasl_frame(pn_transport_t *transport) { pni_sasl_t *sasl = transport->sasl; pn_bytes_t out = sasl->bytes_out; enum pni_sasl_state desired_state = sasl->desired_state; while (sasl->desired_state > sasl->last_state) { switch (desired_state) { case SASL_POSTED_INIT: pn_post_frame(transport, SASL_FRAME_TYPE, 0, "DL[sz]", SASL_INIT, sasl->selected_mechanism, out.size, out.start); pni_emit(transport); break; case SASL_PRETEND_OUTCOME: if (sasl->last_state < SASL_POSTED_INIT) { desired_state = SASL_POSTED_INIT; continue; } break; case SASL_POSTED_MECHANISMS: { // TODO: Hardcoded limit of 16 mechanisms char *mechs[16]; char *mechlist = NULL; int count = 0; if (pni_sasl_impl_list_mechs(transport, &mechlist) > 0) { pni_split_mechs(mechlist, sasl->included_mechanisms, mechs, &count); } pn_post_frame(transport, SASL_FRAME_TYPE, 0, "DL[@T[*s]]", SASL_MECHANISMS, PN_SYMBOL, count, mechs); free(mechlist); pni_emit(transport); break; } case SASL_POSTED_RESPONSE: pn_post_frame(transport, SASL_FRAME_TYPE, 0, "DL[z]", SASL_RESPONSE, out.size, out.start); pni_emit(transport); break; case SASL_POSTED_CHALLENGE: if (sasl->last_state < SASL_POSTED_MECHANISMS) { desired_state = SASL_POSTED_MECHANISMS; continue; } pn_post_frame(transport, SASL_FRAME_TYPE, 0, "DL[z]", SASL_CHALLENGE, out.size, out.start); pni_emit(transport); break; case SASL_POSTED_OUTCOME: if (sasl->last_state < SASL_POSTED_MECHANISMS) { desired_state = SASL_POSTED_MECHANISMS; continue; } pn_post_frame(transport, SASL_FRAME_TYPE, 0, "DL[B]", SASL_OUTCOME, sasl->outcome); pni_emit(transport); if (sasl->outcome!=PN_SASL_OK) { pn_do_error(transport, "amqp:unauthorized-access", "Failed to authenticate client [mech=%s]", transport->sasl->selected_mechanism); desired_state = SASL_ERROR; } break; case SASL_RECVED_OUTCOME_SUCCEED: if (sasl->last_state < SASL_POSTED_INIT) { desired_state = SASL_POSTED_INIT; continue; } break; case SASL_RECVED_OUTCOME_FAIL: pn_do_error(transport, "amqp:unauthorized-access", "Authentication failed [mech=%s]", transport->sasl->selected_mechanism); desired_state = SASL_ERROR; break; case SASL_ERROR: break; case SASL_NONE: return; } sasl->last_state = desired_state; desired_state = sasl->desired_state; } }
void pn_server_done(pn_sasl_t *sasl) { pn_post_frame(sasl->disp, 0, "DL[B]", SASL_OUTCOME, sasl->outcome); }